Database Activity Monitoring

By Ericka Chickowski  |  Print this article Print


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

Customers are floundering with PCI compliance mandates, but that's where the channel can step in. Savvy solution providers can cut through the complexity to help prioritize projects for customers and make money by focusing on the following seven areas.


Database Activity Monitoring
According to statistics compiled by PCI assessors at VeriSign, 70 percent of organizations that fail their PCI audits do so because they fail to monitor and track access to cardholder data. And where does most of that data reside? From where are auditors finding data is being accessed without any oversight? Why, yes, it is the database.

Database activity monitoring (DAM) tools are on their ascendancy within the overall security market--one needs only look at the $225 million IBM acquisition of Guardium late in 2009 to see that. At the moment, though, a scant 13 percent of laggard organizations use DAM to comply with PCI. Even among best-in-class organizations DAM usage is only at 42 percent.

This may partially be due to a couple of factors. DAM is not cheap or pattycakes-simple to deploy--and it's 100 percent necessary in order to comply with PCI. However, its security benefits are far more impactful than many compliance-driven tools. As such, it is a great option for channel partners selling into organizations that are looking to start projects that move their PCI and security programs beyond the check-box compliance stage.


Submit a Comment

Loading Comments...